glpi-project / glpi-inventory-plugin

GLPI Inventory plugin
GNU Affero General Public License v3.0

NetDiscovery deletes existing Agents #403

Closed Movix closed 1 year ago

Movix commented 1 year ago

Version

10.0.9

Bug description

I have some agents referenced in Home/Administration/Inventory/Agents. When performing a netDiscovery targeting an IP Range that already has some known Agents, those Agents are deleted. The linked Computer Asset has an entry in the import Information that is Unmanaged import (by name).

Relevant log output

No response

Page URL

No response

Steps To reproduce

Force Inventory on a computer
Run a NetDiscovery on the IP of this Computer

Your GLPI setup information

GLPI 10.0.9 ( => C:\glpi)
Installation mode: TARBALL
Current language:en_GB

Operating system: Windows NT ARGGLPI 10.0 build 14393 (Windows Server 2016) AMD64
PHP 8.1.17 apache2handler (Core, PDO, Phar, Reflection, SPL, SimpleXML, apache2handler, bcmath, bz2, calendar, ctype, curl, date, dom, exif, fileinfo, filter, ftp, gd, gettext, hash, iconv, intl, json, ldap, libxml, mbstring, mysqli, mysqlnd, openssl, pcre, pdo_mysql, pdo_sqlite, readline, session, sodium, standard, tokenizer, xml, xmlreader, xmlwriter, zip, zlib)
Setup: max_execution_time="3600" memory_limit="512M" post_max_size="40M" safe_mode="" session.save_handler="files" upload_max_filesize="40M"
Software: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.1.17 (Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.1.17 Server at glpi.argru.local Port 80 )
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
Server Software: mariadb.org binary distribution
Server Version: 10.4.28-MariaDB
Server SQL Mode: NO_ZERO_IN_DATE,NO_ZERO_DATE,NO_ENGINE_SUBSTITUTION
Parameters: glpi@127.0.0.1:3306/GLPI
Host info: 127.0.0.1 via TCP/IP

PHP version (8.1.17) is supported.
Sessions configuration is OK.
Allocated memory is sufficient.
mysqli extension is installed.
Following extensions are installed: dom, fileinfo, filter, libxml, json, simplexml, xmlreader, xmlwriter.
curl extension is installed.
gd extension is installed.
intl extension is installed.
zlib extension is installed.
The constant SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES is present.
Database engine version (10.4.28) is supported.
No files from previous GLPI version detected.
The log file has been created successfully.
Write access to C:\glpi/files/_cache has been validated.
Write access to C:\glpi/config has been validated.
Write access to C:\glpi/files/_cron has been validated.
Write access to C:\glpi/files has been validated.
Write access to C:\glpi/files/_dumps has been validated.

Anything else?

Latest GLPIINVENTORY plugin installed

Movix commented 1 year ago

Hello, Sorry about my post that is not clear enough. I'll try with my poor English to explain it better. I have some agents that are listed in the agents in GLPI Inventory. I have a task that performs a net Discovery using an IP range to which the already created agents belong. That net discovery then deletes these agents, and in the computer asset the agents are linked to I can read in the "Import Information" tab Unmanaged import (by name). Hope this is understandable. Movix

stonebuzz commented 1 year ago

Difficult to answer, but I think that SNMP discovery / inventory finds elements that are not network equipment (switch / printer).

Non-network equipment is managed as an Unmanaged Device.

When an Unmanaged Device is handled, GLPI tries to find an asset with the same MAC address (as it is possible to convert an Unmanaged into an Asset (Computer, Printer etc.)).

I think that's what's happening in your case.

GLPI finds an asset with the same MAC and continues to update it via SNMP discovery/inventory.

Rule match is updated (Unmanaged import (by name)) in your case and the agent is cleaned (because with SNMP discovery/inventory we don't make the link between the equipment and the agent for this process).

Bear in mind that network discovery / inventory is only useful for network equipment (switch / printer).

And is not at all designed for computer inventory.

Best regards

Movix commented 1 year ago

Hello, Thank you for these details. In my case I have all devices in one IP subnet (class B) that I have defined as an IP range for the discovery.

Indeed I have a bunch of devices in the unmanaged list (about 300 devices) but I cannot see that a MAC address is the same as that of the agents that are deleted. Those unmanaged devices have various profiles. Some have an IP, some not. Those devices are Cisco Access Points that do not respond to SNMP, some VoIP Phones, some are Dell Thin-Clients, some are industrial devices. What is surprising is that the list of unmanaged devices is growing and it appears that the same devices are added multiple times to the unmanaged list. I believe these are detected upon ARP requests.

But, as the already present agent is also an inventoried Computer, it is not an unmanaged device and has a corresponding asset with the same MAC address.

I checked the Windows Servers that are corresponding to the agents being deleted. These servers do not have any SNMP services activated.

In other words it seemed to me a strange behavior to have agents of known devices deleted upon running a discovery on their IP addresses. Why do they get inventoried as unmanaged devices?

Do I have to split my range in multiple ranges where I exclude the computers that are already known? Is it a solution and would you recommend to disable the rule (Unmanaged import (by name))?

I'm sorry for having reported this here if it is a wrong usage/setting I'm doing.

Movix

stonebuzz commented 1 year ago

> Do I have to split my range in multiple ranges where I exclude the computers that are already known?

Yes it's better

> Is it a solution and would you recommend to disable the rule (Unmanaged import (by name))?

If you don't want to worry about other equipment, you can disable the rules.

Or uncheck this

image

Quite honestly, it's going to be difficult to debug this part without having a hand on the server.

Troubleshooting is going to be complex

Perhaps you should consider taking out a subscription to benefit from efficient support.

Best regards

Movix commented 1 year ago

Hello,

Disabling "unmanaged devices" in the inventory settings does not work; agents are still deleted upon Discovery.

Movix

Movix commented 1 year ago

Hello, I did a fresh installation of GLPI + GLPI-Inventory latest versions. I installed the latest GLPI-Agent on 2 computers. After they got inventoried and their agent records were created in GLPI, I ran a NetDiscovery on the IP Range those computers belong to. The agents got deleted, but not the agent that ran the netDiscovery. I did no other changes to rules or any other configuration in GLPI.

So is this a desired behavior? Is it not unproductive to be unable to run a discovery on an IP range containing agents without getting them deleted, rendering all inventory tasks these agents are bound to non-functional? I also tested that removing the IPs of the said agents from the ranges used in the discovery prevents them from being deleted.

If this is a desired behaviour, would it not be helpful to permit the addition of IP addresses in ranges that will be excluded from the tasks these ranges are used in? Because it renders the IP ranges quite unreadable when segmenting a range into several parts to exclude the IPs of agents you want to preserve from being deleted.

Movix
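The range segmentation workaround described in this comment, as an added example that is not part of the original thread or of GLPI itself: it computes the start/end sub-ranges that cover a discovery range while leaving out the addresses of computers already managed by an agent. The function name `split_range` and the sample addresses are constructed for illustration, and it assumes IP ranges are entered as start/end pairs.

```python
import ipaddress


def split_range(start, end, excluded):
    """Return (first, last) pairs covering start..end minus the excluded IPs.

    Hypothetical helper: each returned pair is meant to be entered as one
    start/end IP range for the discovery task.
    """
    lo = int(ipaddress.IPv4Address(start))
    hi = int(ipaddress.IPv4Address(end))
    if lo > hi:
        raise ValueError("start must not be greater than end")

    # Deduplicate, sort, and ignore exclusions that fall outside the range.
    skip = sorted({int(ipaddress.IPv4Address(a)) for a in excluded})
    skip = [a for a in skip if lo <= a <= hi]

    ranges = []
    cursor = lo  # first address not yet covered or excluded
    for addr in skip:
        if addr > cursor:
            ranges.append((cursor, addr - 1))
        cursor = addr + 1
    if cursor <= hi:
        ranges.append((cursor, hi))

    return [(str(ipaddress.IPv4Address(a)), str(ipaddress.IPv4Address(b)))
            for a, b in ranges]


if __name__ == "__main__":
    # Constructed sample data: a class B subnet and three agent-managed hosts,
    # two of them adjacent so they collapse into a single gap.
    agents = ["172.16.10.5", "172.16.10.6", "172.16.20.1"]
    for first, last in split_range("172.16.0.1", "172.16.255.254", agents):
        print(f"{first} - {last}")
```
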

stonebuzz commented 1 year ago

Only computers are linked to agents.

The rest (printer / unmanaged / network device) are not, as they can be managed by several agents (via SNMP discovery/inventory).

In your case, SNMP discovery finds a computer, and this will be managed as an unmanaged device.

In the process of handling an unmanaged item, GLPI looks to see if the asset does not already exist with the MAC address, because an unmanaged can be converted to a computer / printer / network equipment (this is the case for you as the computer already exists).

If this is the case, the asset is updated and the agent is removed.

SNMP discovery and inventory should only be used for printers and network equipment.

Perhaps you should deactivate all the unmanaged rules except "Unmanaged import denied" to refuse the import.

Movix commented 1 year ago

Hello Stonebuzz,

Thank you for your reply. I'm a bit confused about the terms used. You're talking about SNMP discovery; does this mean the Task called Network Discovery is what you call SNMP Discovery? Is the goal of a discovery not to discover equipment? That implies it is somehow unknown, right? So how can the purpose of a discovery be to aim at what is already known as printer or network device? But as it is like it is, I understand that I have to handle it the way it is designed. That brings me back to the idea to put in place a list of IPs within a defined range that will be excluded from the discovery task. This would greatly enhance the handling of the IP ranges.

(btw. did you get my email?)

Movix

stonebuzz commented 1 year ago

Yes, SNMP discovery / Network Discovery are the same.

Perhaps we could prevent the update if the corresponding asset (via the MAC) is linked to an agent and is a computer.

Yes, I have, but we haven't taken the time to reply yet.

Movix commented 1 year ago

Thank you for taking time to answer. Will look into your latest suggestion, otherwise I'll work with IP Range segmentation. Sorry about dropping this in as a bug. Closed

stonebuzz commented 1 year ago

I still tried SNMP discovery on my computer (already managed by an agent).

I don't have a MAC address in the XML, so GLPI has added an Unmanaged device without touching the computer.

Movix commented 1 year ago

Yes, the computer asset itself is not touched, only the agent linked to that computer is removed.

stonebuzz commented 1 year ago

My computer is still linked to the agent in my case.

Movix commented 1 year ago

Is the computer the agent itself performing the discovery? If yes, this one indeed does not get deleted.

stonebuzz commented 1 year ago

In my case yes, but it doesn't matter; I don't have a MAC address from SNMP discovery, so GLPI doesn't try to find an asset with this MAC.

stonebuzz commented 1 year ago

Hi @Movix

can you try this -> https://github.com/glpi-project/glpi/pull/15583

Best regards

Movix commented 1 year ago

Hi Stonebuzz,

Will try this asap today. But I'm a bit confused. You're talking about Unmanaged device matches (by MAC) but I have an import information entry in the computer asset linked to the agent called Unmanaged import (by Name).

Computer A is inventoried by its installed agent and creates a Computer Update (by serial + uuid) with computer A as agent in the import Information of computer A.

Computer B runs an inventory against the IP of computer A and this creates an Unmanaged import (by Name) with computer B as agent in the import information of computer A.

Movix

stonebuzz commented 1 year ago

For the simple reason that the XML arrives on GLPI via the "Unmanaged import (by Name)" rule.

But the process diverges immediately afterwards, as GLPI finds an asset with the same MAC.

At this point I can't change that (for the moment).

stonebuzz commented 1 year ago

Just apply this change

https://github.com/glpi-project/glpi/pull/15583/files#diff-8e0ba944e7ab7fcd18d95701b02c01385731b9f9a6e8ccef977bb77c76a7c7e6

The rest is related to unit tests.

Movix commented 1 year ago

Stonebuzz,

Sorry, I posted wrong information and deleted it. I did the change in the PHP file and it worked. The agent is no longer deleted.

Movix

trasher commented 1 year ago

Will be fixed in GLPI 10.0.10